Guest post by Julia Nesheiwat, former Homeland Security Advisor to the President and Deputy Assistant Secretary of State for Energy, and Courtney Manning, Director of AI Imperative 2030.

When Chinese state-sponsored cyber criminals used Claude Code AI to orchestrate simultaneous cyberattacks on sensitive cloud networks in thirty countries, a human entered the loop only once: to review the agent’s findings and click “send.” Now, the world is cleaning up the rubble of the first AI-powered cyber bombing of critical infrastructure—and is wholly unprepared for what’s to come.

From the Chinese Communist Party to the Kremlin to Iranian extremists, cyber criminals are increasingly carrying out attacks on the U.S. homeland. Amazon Web Services tracks over 750 million threats daily, and attacks on citizens and infrastructure rose more than 70% last year.

Despite this, most Americans won’t see justice if they’ve been impacted by the recent AI-powered breaches… or any of the next million to come.

Why not? Law enforcement agencies know that identifying a cyber attacker is a slow, complex, and uncertain process. Prosecution is even harder; most hacks originate from outside the United States, and many require cooperation with unfriendly or underequipped nations to exfiltrate or prosecute those accused.

But focusing on post-facto responses misses the forest for the trees. To defend America’s critical infrastructure, we need to ask a new question: why are cybercriminals able to continually breach U.S. defenses in the first place?

Before the global migration to the cloud, sound cybersecurity meant keeping threats isolated to a single space within an organization’s control. Access control lists, firewalls, and VPNs aimed to protect trusted insiders from external threats.

Remote computing shattered that illusion. Today, critical functions are split across on-premises systems, public clouds, and third-party cloud-connected applications—sometimes in the United States, but often outside it. This both magnified potential entry points into enterprise networks and worsened the impact of a single breach as attackers jumped from network to network.

Then came artificial intelligence. AI has supercharged cyber offense, driving up phishing scams by more than 1,200% and compressing weeks of hacking into seconds. AI malware agents that anyone can download aren’t as sophisticated as the most advanced hackers but can accelerate basic cyberattacks at unprecedented speed and scale. Recent research finds that these tools have been downloaded over 21 million times in the last six months.

Together, cloud computing and artificial intelligence have revolutionized the cyber game—and there is no rollback. While federal systems rapidly modernize, however, America’s private sector infrastructure operators lag far behind. IT leaders are sounding the alarm that operational technology systems controlling the nation’s vital defense, water, and energy systems are extremely vulnerable to state-sponsored cyber threats.

The good news: the same technologies being weaponized against us can empower our response. Just as open-source autonomous tools continually probe our systems for weaknesses, advanced AI agents can be deployed to preventatively detect and patch them. Real-time threat monitoring and defense-in-depth are necessary to neutralize the AI-powered threats at our front lines.

But we need to act fast. Foremost, that means ensuring our technology sector has the energy it needs to power these AI-based solutions, as power rapidly becomes the number one bottleneck facing new data centers. Not just any energy, either – for these technologies to be widely adopted, we need affordable and reliable energy available throughout the country, to ensure North American companies, both large and small, can afford their own AI defenders.

We also need a cohesive strategy to strengthen domestic cyber research and development. Public-private partnerships with universities, start-ups, and research centers can ensure that the government both fuels and reaps the rewards from homeland defense innovations. It demands a democratized approach to fight back when our adversaries throw the first punch.

Finally, defense-in-depth must prevent single breaks from collapsing entire ecosystems. Concentric circles of AI and conventional cyber defenses are needed to ensure that breaches of one cloud application aren’t gateways to America’s most sensitive systems. AI is revolutionary, but it isn’t infallible; zero trust solutions for cloud-connected workflows and applications are a must.

Cyber threats are constantly evolving, and so must AI-powered defenses.  To protect the homeland, it’s time for everyone—companies, countries, states, and allies—to take their heads out of the clouds and face cyber reality.

Dr. Julia Nesheiwat was formerly the Homeland Security Advisor to the President and Deputy Assistant Secretary of State for Energy. She is now a Distinguished Fellow at the Atlantic Council Global Energy Center. Courtney Manning is the Director of AI Imperative 2030 at the American Security Project, where she leads research on AI-powered threats to the U.S. homeland.

Share on Facebook

Tweet